Posts Tagged ‘hacked’

Did the Cardinals hack the Astros

Posted by

binary tunnelIt seems almost common these days to read about corporations engaging in blackhat hacking operations to steal data from their rival competitors, but never before have we heard of the same blackhat hacking tactics being used by professional sports league teams.

Earlier this week a story was reported by the New York Times about an FBI investigation into the St. Louis Cardinals Baseball team for an alleged hacking event that took place on the computer database system of the Houston Astros Baseball team sometime in 2013.

The Astros allege that someone working for the Cardinals hacked into a closely guarded database where the Astros kept top secret information about the team’s players. The compromised database system known as “Ground Control” was developed by Jeff Luhnow, a former St. Louis Cardinals executive that developed a similar database system known as “Redbird” for the Cardinals team before leaving to work for the Houston Astros.

Law enforcement investigators say that the hack did not appear to be sophisticated. The intruder just brute forced the “Ground Control” system using passwords that Mr. Luhnow used for the “Redbird” system during his time with the St. Louis Cardinals. They also traced the illegal login activity to an IP address of a St. Louis Cardinals employee’s former residence.

Could it be that the St. Louis Cardinals actually used blackhat hacking efforts to break into the Houston Astros system to gain insider knowledge about the team’s players in hopes to gain a competitive advantage? Or could this be a negative publicity attempt by the Houston Astros towards the St. Louis Cardinals as they are known rival teams.

Without being able to actually analyze the computer that illegally connected to the Astros “Ground Control” system it is hard to prove that somebody working for the St. Louis Cardinals actually did what is alleged. Since the event happened in 2013 it may be hard or impossible to even find the computer that connected to the system that would contain the logs necessary to prove the hacking event was performed by an agent of the St. Louis Cardinals.

It is also possible that an agent working on behalf of the Houston Astros or anybody with a little Internet know-how could proxy their Internet connection through another computer to disguise themselves in order to do something dirty, i.e. using a Cardinals employee’s compromised computer to create a “fake” hacking event in order to create access logs to the “Ground Control” system using Mr. Lunhow’s known log in. Which begs the most obvious question; Why would Mr. Luhnow use the same login on both systems, knowing the sensitivity of the information that was stored in the database systems?

At this point there are a lot of questions that will need to be answered before any judgement can be made. However, one lesson that should be taken from this tale of two rival teams; never use the same log in and password for two systems, and always create hard to guess log in passwords.

Schnucks Falls Victim of Cyberattack

Posted by

Last week the news stories broke all over the St. Louis metro area about people’s credit card number being stolen and fraudulent charges being made. The common thread of all of these fraudulent charges was these cards were also used at Schnucks Markets in St. Louis, Missouri. According to a press release on Schnucks.com from March 30, 2013, Schnucks CEO Scott Schnucks says “After extensive review, we confirmed that Schnucks was the victim of a cyberattack”.

Why would Schnucks supermarket store your credit card information in a centralized database system that could fall victim to cybercrimes and hacking? Most stores take in credit card information encoded on the magnetic stripe at the point of sale and store this information temporarily until all transactions are batched out. They do this to keep banking fees at a minimum for charging credit cards, unfortunately this means that your credit card information is being stored for a period of time, which in turn means it can be hacked and stolen, which is exactly what happened to Schnucks.

If you have fallen victim to this cyberattack, you will need to cancel your credit card and get a new one, as the cybercriminal will still be able to use your credit card number to make fraudulent purchases until the card has been canceled.

This is the official Press Release from Schnucks:

“ST. LOUIS – Schnucks announced today that it has “found and contained” the issue behind the reports of unauthorized access to payment card information at Schnucks, and it has taken comprehensive measures designed to block any further access. The computer forensic firm that Schnucks engaged found evidence of computer code that would capture the magnetic stripe data on the back of payment cards. Now that the issue has been identified and contained, the investigation will turn to determining for how long the issue existed and which stores were affected. Customers can continue to use credit and debit cards at Schnucks.

“After an extensive review, we confirmed that Schnucks was the victim of a cyberattack,” said Chairman and CEO Scott Schnuck. “We have identified the issue and taken comprehensive measures to contain the incident. We are cooperating with law enforcement, the Missouri Attorney General’s Office, and the credit card companies to determine the scope and magnitude of this crime and apprehend those individuals making fraudulent purchases. We have been told by the computer forensics expert that the security enhancements we have implemented in the last 48 hours are designed to block this attack from continuing. Our customers can continue using credit and debit cards at our stores. We apologize for any inconvenience this may have caused our customers, and we thank each of them for their patience while we worked hard to investigate their concerns.”

Schnucks advises that if customers suspect their cards may have been compromised, they should immediately contact their credit or debit card company, typically a bank or credit union.

Founded in St. Louis in 1939, Schnuck Markets, Inc. operates 100 stores (including five Logli and six Hilander stores) and 96 in-store pharmacies in Missouri, Illinois, Indiana, Wisconsin and Iowa. Follow Schnucks on Facebook at www.facebook.com/Schnucks.”

The official press release webpage.

Over 2 Million Cards stolen from Schnucks – StLouisPublicRadio.org

// //
//